PT-2022-21995 · Pypi · Catly-Translate

Di1L0O

Published

2022-06-24

Updated

2022-07-06

CVE-2022-34061

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Catly-Translate package in PyPI versions 0.0.3 through 0.0.5

Description The issue allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges due to a code execution backdoor.

Recommendations For versions 0.0.3 through 0.0.5, remove or uninstall the Catly-Translate package to prevent exploitation until a patched version is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2022-34061

PYSEC-2022-221

Affected Products

Catly-Translate

PT-2022-21995 · Pypi · Catly-Translate

CVE-2022-34061

Related Identifiers

Affected Products

References · 7